Lucene search
K

5135 matches found

Hacker One
Hacker One
added 2016/04/17 3:20 a.m.39 views

Udemy: AWS S3 bucket writable for authenticated aws user

Hey, I found an open S3 Amazon bucket udemy-maven. While I can’t confirm if you own it or not, it appears that it is publicly writable using the aws cli. When I write to udemy-maven, I get: move: ./test.txt to s3://udemy-maven/test.txt And also when I remove file, I get: delete:...

6.7AI score
Exploits0
NVD
NVD
added 2016/04/13 4:59 p.m.22 views

CVE-2016-2084

F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5....

7.4CVSS7.4AI score0.00791EPSS
Exploits0References2
Prion
Prion
added 2016/04/13 4:59 p.m.19 views

Default configuration

F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5....

4CVSS7AI score0.00791EPSS
Exploits0References2Affected Software18
Cvelist
Cvelist
added 2016/04/13 4:0 p.m.25 views

CVE-2016-2084

F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5....

7.4AI score0.00791EPSS
Exploits0References2
CVE
CVE
added 2016/04/13 4:0 p.m.75 views

CVE-2016-2084

CVE-2016-2084 affects F5 BIG-IP and BIG-IQ cloud deployments (AWS, Azure, Verizon) where certificates and keys are not regenerated during deployment, allowing potential disclosure of sensitive data or disruption. The root cause is improper regeneration of certificates/keys when deploying cloud im...

7.4CVSS7.3AI score0.00791EPSS
Exploits0References2Affected Software1
F5 Networks
F5 Networks
added 2016/04/11 12:0 a.m.52 views

SOL11772107 - BIG-IP and BIG-IQ cloud image vulnerability CVE-2016-2084

Note: Upgrading a vulnerable version to a not vulnerable version will not mitigate this issue; performing an upgrade on a vulnerable instance will cause the instance to remain vulnerable after the upgrade. Furthermore, any backups that are made from a vulnerable instance and restored to a not...

7.4CVSS0.2AI score0.00791EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2016/04/11 12:0 a.m.34 views

Amazon Web Services EC2 Instance Metadata Enumeration (Windows)

Binary data enumerateawsamiwin.nbin...

7.3AI score
Exploits0References1
Hacker One
Hacker One
added 2016/04/08 11:8 p.m.24 views

X (Formerly Twitter): niche s3 buckets are readable/writeable/deleteable by authorized AWS users

Hi All, I've discovered that the AWS buckets by niche, niche-s3-production, is accessible for authorized AWS users using the AWS command line tools. Issue As such, I have confirmed: - I can list all files in the bucket with the command aws s3 ls s3://niche-s3-production - I can copy files from th...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/04/07 12:0 a.m.36 views

RHEL 6 : jboss-ec2-eap (RHSA-2016:0598)

A jboss-ec2-eap update is now available for Red Hat JBoss Enterprise Application Platform 6.4.7 on Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.8CVSS6.2AI score0.20318EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/04/05 8:37 p.m.50 views

Moderate: Red Hat Security Advisory: jboss-ec2-eap security, bug fix, and enhancement update

A jboss-ec2-eap update is now available for Red Hat JBoss Enterprise Application Platform 6.4.7 on Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.8CVSS6.6AI score0.20318EPSS
Exploits0References4
Hacker One
Hacker One
added 2016/04/04 2:56 a.m.176 views

HackerOne: AWS S3 bucket writeable for authenticated aws users

Hi All, I know that hackerone-attachments is used for file uploads on reports and so I did a quick scan for similar buckets and found . While I can't confirm if you own it or not, it appears that it is publicly writable using the aws cli. When I tried to write to hackerone-attachments, I get: "mo...

1.6AI score
Exploits0
hackapp
hackapp
added 2016/04/01 10:25 a.m.21 views

PBS KIDS Party - AWS Credentials, SD-card access, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application PBS KIDS Party published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:24 a.m.15 views

Baby Sign and Sing Lite - AWS Credentials, Base64 encoded String, Customized SSL vulnerabilities

HackApp vulnerability scanner discovered that application Baby Sign and Sing Lite published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:24 a.m.17 views

Lottie Dottie Chicken - AWS Credentials, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Lottie Dottie Chicken published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:23 a.m.17 views

Pango FREE - AWS Credentials, Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Pango FREE published at the 'play' market has multiple vulnerabilities...

0.6AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:21 a.m.23 views

PlayKids Talk Messenger 4 Kids - AWS Credentials, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application PlayKids Talk Messenger 4 Kids published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:19 a.m.14 views

Trucktown: Scrap Yard Scramble - AWS Credentials, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Trucktown: Scrap Yard Scramble published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:14 a.m.19 views

Psych! Outwit Your Friends - AWS Credentials, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Psych! Outwit Your Friends published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:13 a.m.16 views

Dropwords - AWS Credentials, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Dropwords published at the 'play' market has multiple vulnerabilities...

1.5AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:13 a.m.24 views

WordBuzz: The Honey Quest - AWS Credentials, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application WordBuzz: The Honey Quest published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
Rows per page
Query Builder